Re: Setting up pptp

Yeah as discussed before, the CLI setting currently only allows IP address, and it is on our TODO list to make it also support hostname. When the interface is configured it should connect automatically, and there should be automatic retries when disconnected as well. For routing certain traffic through the interface, you can use policy-based routing (PBR), check out the Wiki page or previous forum discussions for more information.

Re: Setting up pptp

So there is no way to setup a pptp vpn on an EdgeMax router using hostnames? I find it hard to understand that a device labelled with things like "versatile functionality" can't do something like this.

Is there any other way? afaik edgeos uses Debian, is there a way to install some third party package that allows me to do this?

Re: Setting up pptp

As discussed before, the underlying software component (Debian pptp-linux package) does allow hostname, and it's the system configuration setting that currently does not allow it. As discussed before, it is on our TODO list to remove that restriction, and for now you can try editing the file "/opt/vyatta/share/vyatta-cfg/templates/interfaces/pptp-client/node.tag/server-ip/node.def" on the router, changing the line:

Is there a centralized wiki that contains details like this? The actual wiki isn't as in-depth as required for objects like this; I would never have known to do that unless you had told me. No other source had similar information.

I have two more questions.

First, when routing all traffic through the vpn, I have to both change the nat masquerade to my pptp interface and add a 0.0.0.0/0 route through the same interface. Why do I have to do both?

Second, is there a way to route traffic only from specific internal hostnames through the vpn? In my use case I have a chromecast (with a static hostname that I can find), and I want to route all traffic from it through a vpn, so that I can watch netflix / iplayer / etc on it.

Re: Setting up pptp

Yeah the change is actually more like "code changes" so is not meant for normal users, and we could look into getting that into the next version (will probably need some more work, e.g., adding validation etc.).

The masquerade is needed because otherwise the traffic source would be the private LAN IP and therefore the destination wouldn't know how to send the response back.

Routing only certainly traffic through VPN could be done using policy-based routing (some more information on the Wiki page for example). It will be based on the IP address though, so if the chromecast is getting DHCP from the router, you could define a static mapping for it (based on its MAC address) so that it will always get the same IP.